├── .github └── workflows │ └── build-scan.yml ├── LICENSE ├── README.md ├── chapter01 ├── create-cluster.sh ├── create-state-store.sh ├── create-zone.sh └── sub-domain.json ├── chapter02 └── create-cluster.sh ├── chapter03 └── nocode ├── chapter04 ├── .DS_Store ├── cluster-role.yaml ├── create_ns.sh ├── create_role.sh ├── create_role_binding_group.sh ├── create_role_binding_sa.sh ├── create_sa.sh ├── pod.yaml └── role.yaml ├── chapter05 ├── network_policy.yaml ├── network_policy_allow_good.yaml ├── nginx.yaml └── ps_aux.sh ├── chapter06 ├── default_apiserver.sh ├── default_controller_manager.sh ├── default_etcd.sh ├── default_kube_scheduler.sh ├── default_kubelet.sh ├── kube-bench.sh └── nginx.yaml ├── chapter07 ├── anonymous_auth.sh ├── bootstrap_tokens.sh ├── busybox.yaml ├── client_certs.sh ├── csr.cnf ├── csr.yaml ├── deployment.yaml ├── employee.crt ├── employee.key ├── generate_cert.sh ├── limitrange.sh ├── limitrange.yaml ├── new.csr ├── opa.sh ├── opa.yaml ├── pod-blacklist.rego ├── pod_limit.yaml ├── rbac.sh ├── role.yaml ├── rolebinding.yaml ├── server.conf ├── server.csr ├── service_account.sh └── webhook-config.yaml ├── chapter08 ├── README.MD ├── base-busybox.yaml ├── echo-pod.yaml ├── ns.yaml ├── pods-allow.yaml ├── pods-deny.yaml ├── psp-advisor.sh ├── psp-example.sh ├── psp.yaml ├── roles.yaml └── sa.yaml ├── chapter09 ├── Dockerfile ├── anchore-cli.yaml ├── build-push.sh ├── demo.sh └── jenkins.yaml ├── chapter10 ├── config_prometheus.yaml ├── deployment.yaml ├── grafana-data.yaml ├── grafana-deployment-new.yaml ├── grafana-deployment.yaml ├── grafana-service.yaml ├── limit_range.yaml ├── nginx-bad.yaml ├── nginx-good.yaml ├── nginx-resources.yaml ├── nginx.yaml ├── prometheus-config.yaml ├── prometheus-deployment.yaml ├── prometheus-role.yaml ├── prometheus-rolebinding.yaml ├── prometheus-service.yaml ├── stress-cpu.yaml ├── stress-new.yaml ├── stress-pod.yaml └── stress.yaml ├── chapter11 ├── audit │ ├── audit-output.json │ ├── audit-policy.yaml │ ├── audit-records-pods.json │ ├── audit-records.json │ ├── create-ns.sh │ ├── obj.yaml │ └── pods.yaml ├── create-cluster.sh ├── criu │ ├── criu.sh │ └── install.sh ├── falco │ ├── deploy_falco.sh │ ├── falco-account.yaml │ ├── falco-config │ │ ├── falco.yaml │ │ ├── falco_rules.local.yaml │ │ ├── falco_rules.yaml │ │ └── k8s_audit_rules.yaml │ ├── falco-daemonset-configmap.yaml │ ├── falco-service.yaml │ ├── falco-syscall-rule.yaml │ ├── insecure-nginx.yaml │ ├── install-falco.sh │ ├── pod.yaml │ └── remote-install.sh ├── ha │ └── create-cluster.sh ├── sysdig │ ├── .DS_Store │ ├── run-capture.sh │ └── run-sysdig-inspect.sh └── vault │ ├── deploy-vault.sh │ ├── patch-template-annotation.yaml │ ├── vault-app.yaml │ └── vault-script.sh ├── chapter12 ├── create-cluster.sh ├── get-file-hash.sh └── insecure-nginx.yaml └── chapter13 └── kube-hunter.sh /.github/workflows/build-scan.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/.github/workflows/build-scan.yml -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/LICENSE -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/README.md -------------------------------------------------------------------------------- /chapter01/create-cluster.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter01/create-cluster.sh -------------------------------------------------------------------------------- /chapter01/create-state-store.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter01/create-state-store.sh -------------------------------------------------------------------------------- /chapter01/create-zone.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter01/create-zone.sh -------------------------------------------------------------------------------- /chapter01/sub-domain.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter01/sub-domain.json -------------------------------------------------------------------------------- /chapter02/create-cluster.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter02/create-cluster.sh -------------------------------------------------------------------------------- /chapter03/nocode: -------------------------------------------------------------------------------- 1 | no code for chapter 3 2 | -------------------------------------------------------------------------------- /chapter04/.DS_Store: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter04/.DS_Store -------------------------------------------------------------------------------- /chapter04/cluster-role.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter04/cluster-role.yaml -------------------------------------------------------------------------------- /chapter04/create_ns.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | kubectl create namespace test 4 | -------------------------------------------------------------------------------- /chapter04/create_role.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | kubectl create -f role.yaml 4 | -------------------------------------------------------------------------------- /chapter04/create_role_binding_group.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter04/create_role_binding_group.sh -------------------------------------------------------------------------------- /chapter04/create_role_binding_sa.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter04/create_role_binding_sa.sh -------------------------------------------------------------------------------- /chapter04/create_sa.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | kubectl create serviceaccount demo-sa 4 | -------------------------------------------------------------------------------- /chapter04/pod.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter04/pod.yaml -------------------------------------------------------------------------------- /chapter04/role.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter04/role.yaml -------------------------------------------------------------------------------- /chapter05/network_policy.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter05/network_policy.yaml -------------------------------------------------------------------------------- /chapter05/network_policy_allow_good.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter05/network_policy_allow_good.yaml -------------------------------------------------------------------------------- /chapter05/nginx.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter05/nginx.yaml -------------------------------------------------------------------------------- /chapter05/ps_aux.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter05/ps_aux.sh -------------------------------------------------------------------------------- /chapter06/default_apiserver.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | minikube ssh -- 'ps aux | grep kube-api' 3 | -------------------------------------------------------------------------------- /chapter06/default_controller_manager.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | minikube ssh -- 'ps aux | grep kube-controller-manager' 3 | -------------------------------------------------------------------------------- /chapter06/default_etcd.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | minikube ssh -- 'ps aux | grep etcd' 3 | -------------------------------------------------------------------------------- /chapter06/default_kube_scheduler.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | minikube ssh -- 'ps aux | grep kube-scheduler' 3 | -------------------------------------------------------------------------------- /chapter06/default_kubelet.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | minikube ssh -- 'ps aux | grep /kubelet' 3 | -------------------------------------------------------------------------------- /chapter06/kube-bench.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter06/kube-bench.sh -------------------------------------------------------------------------------- /chapter06/nginx.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter06/nginx.yaml -------------------------------------------------------------------------------- /chapter07/anonymous_auth.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter07/anonymous_auth.sh -------------------------------------------------------------------------------- /chapter07/bootstrap_tokens.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter07/bootstrap_tokens.sh -------------------------------------------------------------------------------- /chapter07/busybox.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter07/busybox.yaml -------------------------------------------------------------------------------- /chapter07/client_certs.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter07/client_certs.sh -------------------------------------------------------------------------------- /chapter07/csr.cnf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter07/csr.cnf -------------------------------------------------------------------------------- /chapter07/csr.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter07/csr.yaml -------------------------------------------------------------------------------- /chapter07/deployment.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter07/deployment.yaml -------------------------------------------------------------------------------- /chapter07/employee.crt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter07/employee.crt -------------------------------------------------------------------------------- /chapter07/employee.key: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter07/employee.key -------------------------------------------------------------------------------- /chapter07/generate_cert.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter07/generate_cert.sh -------------------------------------------------------------------------------- /chapter07/limitrange.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter07/limitrange.sh -------------------------------------------------------------------------------- /chapter07/limitrange.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter07/limitrange.yaml -------------------------------------------------------------------------------- /chapter07/new.csr: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter07/new.csr -------------------------------------------------------------------------------- /chapter07/opa.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter07/opa.sh -------------------------------------------------------------------------------- /chapter07/opa.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter07/opa.yaml -------------------------------------------------------------------------------- /chapter07/pod-blacklist.rego: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter07/pod-blacklist.rego -------------------------------------------------------------------------------- /chapter07/pod_limit.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter07/pod_limit.yaml -------------------------------------------------------------------------------- /chapter07/rbac.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter07/rbac.sh -------------------------------------------------------------------------------- /chapter07/role.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter07/role.yaml -------------------------------------------------------------------------------- /chapter07/rolebinding.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter07/rolebinding.yaml -------------------------------------------------------------------------------- /chapter07/server.conf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter07/server.conf -------------------------------------------------------------------------------- /chapter07/server.csr: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter07/server.csr -------------------------------------------------------------------------------- /chapter07/service_account.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter07/service_account.sh -------------------------------------------------------------------------------- /chapter07/webhook-config.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter07/webhook-config.yaml -------------------------------------------------------------------------------- /chapter08/README.MD: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter08/README.MD -------------------------------------------------------------------------------- /chapter08/base-busybox.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter08/base-busybox.yaml -------------------------------------------------------------------------------- /chapter08/echo-pod.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter08/echo-pod.yaml -------------------------------------------------------------------------------- /chapter08/ns.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter08/ns.yaml -------------------------------------------------------------------------------- /chapter08/pods-allow.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter08/pods-allow.yaml -------------------------------------------------------------------------------- /chapter08/pods-deny.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter08/pods-deny.yaml -------------------------------------------------------------------------------- /chapter08/psp-advisor.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter08/psp-advisor.sh -------------------------------------------------------------------------------- /chapter08/psp-example.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter08/psp-example.sh -------------------------------------------------------------------------------- /chapter08/psp.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter08/psp.yaml -------------------------------------------------------------------------------- /chapter08/roles.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter08/roles.yaml -------------------------------------------------------------------------------- /chapter08/sa.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter08/sa.yaml -------------------------------------------------------------------------------- /chapter09/Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter09/Dockerfile -------------------------------------------------------------------------------- /chapter09/anchore-cli.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter09/anchore-cli.yaml -------------------------------------------------------------------------------- /chapter09/build-push.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter09/build-push.sh -------------------------------------------------------------------------------- /chapter09/demo.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter09/demo.sh -------------------------------------------------------------------------------- /chapter09/jenkins.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter09/jenkins.yaml -------------------------------------------------------------------------------- /chapter10/config_prometheus.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter10/config_prometheus.yaml -------------------------------------------------------------------------------- /chapter10/deployment.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter10/deployment.yaml -------------------------------------------------------------------------------- /chapter10/grafana-data.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter10/grafana-data.yaml -------------------------------------------------------------------------------- /chapter10/grafana-deployment-new.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter10/grafana-deployment-new.yaml -------------------------------------------------------------------------------- /chapter10/grafana-deployment.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter10/grafana-deployment.yaml -------------------------------------------------------------------------------- /chapter10/grafana-service.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter10/grafana-service.yaml -------------------------------------------------------------------------------- /chapter10/limit_range.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter10/limit_range.yaml -------------------------------------------------------------------------------- /chapter10/nginx-bad.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter10/nginx-bad.yaml -------------------------------------------------------------------------------- /chapter10/nginx-good.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter10/nginx-good.yaml -------------------------------------------------------------------------------- /chapter10/nginx-resources.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter10/nginx-resources.yaml -------------------------------------------------------------------------------- /chapter10/nginx.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter10/nginx.yaml -------------------------------------------------------------------------------- /chapter10/prometheus-config.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter10/prometheus-config.yaml -------------------------------------------------------------------------------- /chapter10/prometheus-deployment.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter10/prometheus-deployment.yaml -------------------------------------------------------------------------------- /chapter10/prometheus-role.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter10/prometheus-role.yaml -------------------------------------------------------------------------------- /chapter10/prometheus-rolebinding.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter10/prometheus-rolebinding.yaml -------------------------------------------------------------------------------- /chapter10/prometheus-service.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter10/prometheus-service.yaml -------------------------------------------------------------------------------- /chapter10/stress-cpu.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter10/stress-cpu.yaml -------------------------------------------------------------------------------- /chapter10/stress-new.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter10/stress-new.yaml -------------------------------------------------------------------------------- /chapter10/stress-pod.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter10/stress-pod.yaml -------------------------------------------------------------------------------- /chapter10/stress.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter10/stress.yaml -------------------------------------------------------------------------------- /chapter11/audit/audit-output.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter11/audit/audit-output.json -------------------------------------------------------------------------------- /chapter11/audit/audit-policy.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter11/audit/audit-policy.yaml -------------------------------------------------------------------------------- /chapter11/audit/audit-records-pods.json: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /chapter11/audit/audit-records.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter11/audit/audit-records.json -------------------------------------------------------------------------------- /chapter11/audit/create-ns.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter11/audit/create-ns.sh -------------------------------------------------------------------------------- /chapter11/audit/obj.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter11/audit/obj.yaml -------------------------------------------------------------------------------- /chapter11/audit/pods.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter11/audit/pods.yaml -------------------------------------------------------------------------------- /chapter11/create-cluster.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter11/create-cluster.sh -------------------------------------------------------------------------------- /chapter11/criu/criu.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter11/criu/criu.sh -------------------------------------------------------------------------------- /chapter11/criu/install.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter11/criu/install.sh -------------------------------------------------------------------------------- /chapter11/falco/deploy_falco.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter11/falco/deploy_falco.sh -------------------------------------------------------------------------------- /chapter11/falco/falco-account.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter11/falco/falco-account.yaml -------------------------------------------------------------------------------- /chapter11/falco/falco-config/falco.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter11/falco/falco-config/falco.yaml -------------------------------------------------------------------------------- /chapter11/falco/falco-config/falco_rules.local.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter11/falco/falco-config/falco_rules.local.yaml -------------------------------------------------------------------------------- /chapter11/falco/falco-config/falco_rules.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter11/falco/falco-config/falco_rules.yaml -------------------------------------------------------------------------------- /chapter11/falco/falco-config/k8s_audit_rules.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter11/falco/falco-config/k8s_audit_rules.yaml -------------------------------------------------------------------------------- /chapter11/falco/falco-daemonset-configmap.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter11/falco/falco-daemonset-configmap.yaml -------------------------------------------------------------------------------- /chapter11/falco/falco-service.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter11/falco/falco-service.yaml -------------------------------------------------------------------------------- /chapter11/falco/falco-syscall-rule.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter11/falco/falco-syscall-rule.yaml -------------------------------------------------------------------------------- /chapter11/falco/insecure-nginx.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter11/falco/insecure-nginx.yaml -------------------------------------------------------------------------------- /chapter11/falco/install-falco.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter11/falco/install-falco.sh -------------------------------------------------------------------------------- /chapter11/falco/pod.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter11/falco/pod.yaml -------------------------------------------------------------------------------- /chapter11/falco/remote-install.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter11/falco/remote-install.sh -------------------------------------------------------------------------------- /chapter11/ha/create-cluster.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter11/ha/create-cluster.sh -------------------------------------------------------------------------------- /chapter11/sysdig/.DS_Store: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter11/sysdig/.DS_Store -------------------------------------------------------------------------------- /chapter11/sysdig/run-capture.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter11/sysdig/run-capture.sh -------------------------------------------------------------------------------- /chapter11/sysdig/run-sysdig-inspect.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter11/sysdig/run-sysdig-inspect.sh -------------------------------------------------------------------------------- /chapter11/vault/deploy-vault.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter11/vault/deploy-vault.sh -------------------------------------------------------------------------------- /chapter11/vault/patch-template-annotation.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter11/vault/patch-template-annotation.yaml -------------------------------------------------------------------------------- /chapter11/vault/vault-app.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter11/vault/vault-app.yaml -------------------------------------------------------------------------------- /chapter11/vault/vault-script.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter11/vault/vault-script.sh -------------------------------------------------------------------------------- /chapter12/create-cluster.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter12/create-cluster.sh -------------------------------------------------------------------------------- /chapter12/get-file-hash.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter12/get-file-hash.sh -------------------------------------------------------------------------------- /chapter12/insecure-nginx.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter12/insecure-nginx.yaml -------------------------------------------------------------------------------- /chapter13/kube-hunter.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PacktPublishing/Learn-Kubernetes-Security/HEAD/chapter13/kube-hunter.sh --------------------------------------------------------------------------------